shiro-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kao...@apache.org
Subject svn commit: r911693 - in /incubator/shiro/trunk/core/src/main/java/org/apache/shiro: ./ mgt/
Date Fri, 19 Feb 2010 03:43:26 GMT
Author: kaosko
Date: Fri Feb 19 03:43:26 2010
New Revision: 911693

URL: http://svn.apache.org/viewvc?rev=911693&view=rev
Log:
Complete - issue SHIRO-110: Remove org.apache.shiro.mgt.SubjectBinder and its usages 
http://issues.apache.org/jira/browse/SHIRO-110
- removed SubjectBinder and SecurityManager.getSubject. Added two TODO comments as a hint
to consider refactoring the functionality to Subject.Binder as part of a separate issue. Needs
some discussion first.
- Changed SecurityUtils.getSubject() implementation to use Subject.Builder if subject wasn't
available in ThreadContext
- verified integration tests pass

Removed:
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SessionSubjectBinder.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SubjectBinder.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/ThreadContextSubjectBinder.java
Modified:
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/SecurityUtils.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSecurityManager.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSubjectFactory.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SecurityManager.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SubjectFactory.java

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/SecurityUtils.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/SecurityUtils.java?rev=911693&r1=911692&r2=911693&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/SecurityUtils.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/SecurityUtils.java Fri Feb 19
03:43:26 2010
@@ -53,10 +53,7 @@
      */
     public static Subject getSubject() {
         Subject subject = ThreadContext.getSubject();
-        if (subject == null) {
-            SecurityManager securityManager = getSecurityManager();
-            subject = securityManager.getSubject();
-        }
+        if (subject == null) subject = (new Subject.Builder()).buildSubject();
         return subject;
     }
 

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSecurityManager.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSecurityManager.java?rev=911693&r1=911692&r2=911693&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSecurityManager.java
(original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSecurityManager.java
Fri Feb 19 03:43:26 2010
@@ -28,6 +28,7 @@
 import org.apache.shiro.session.mgt.DelegatingSession;
 import org.apache.shiro.subject.PrincipalCollection;
 import org.apache.shiro.subject.Subject;
+import org.apache.shiro.util.ThreadContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -78,15 +79,12 @@
 
     protected SubjectFactory subjectFactory;
 
-    protected SubjectBinder subjectBinder;
-
     /**
      * Default no-arg constructor.
      */
     public DefaultSecurityManager() {
         super();
         this.subjectFactory = new DefaultSubjectFactory();
-        this.subjectBinder = new SessionSubjectBinder();
     }
 
     /**
@@ -117,14 +115,6 @@
         this.subjectFactory = subjectFactory;
     }
 
-    public SubjectBinder getSubjectBinder() {
-        return subjectBinder;
-    }
-
-    public void setSubjectBinder(SubjectBinder subjectBinder) {
-        this.subjectBinder = subjectBinder;
-    }
-
     public RememberMeManager getRememberMeManager() {
         return rememberMeManager;
     }
@@ -217,7 +207,28 @@
      *                for later use.
      */
     protected void bind(Subject subject) {
-        getSubjectBinder().bind(subject);
+	// TODO consider refactoring to use Subject.Binder.
+	// This implementation was copied from SessionSubjectBinder that was removed
+        PrincipalCollection principals = subject.getPrincipals();
+        if (principals != null && !principals.isEmpty()) {
+            Session session = subject.getSession();
+            session.setAttribute(SubjectFactory.PRINCIPALS_SESSION_KEY, principals);
+        } else {
+            Session session = subject.getSession(false);
+            if (session != null) {
+                session.removeAttribute(SubjectFactory.PRINCIPALS_SESSION_KEY);
+            }
+        }
+        
+        if (subject.isAuthenticated()) {
+            Session session = subject.getSession();
+            session.setAttribute(SubjectFactory.AUTHENTICATED_SESSION_KEY, subject.isAuthenticated());
+        } else {
+            Session session = subject.getSession(false);
+            if (session != null) {
+                session.removeAttribute(SubjectFactory.AUTHENTICATED_SESSION_KEY);
+            }
+        }
     }
 
     protected void rememberMeSuccessfulLogin(AuthenticationToken token, AuthenticationInfo
info, Subject subject) {
@@ -442,7 +453,7 @@
         if (context.containsKey(SubjectFactory.SESSION)) {
             Session session = (Session) context.get(SubjectFactory.SESSION);
             if (session != null) {
-                Object principals = session.getAttribute(SessionSubjectBinder.PRINCIPALS_SESSION_KEY);
+                Object principals = session.getAttribute(SubjectFactory.PRINCIPALS_SESSION_KEY);
                 if (principals != null) {
                     log.trace("Context already contains an implicit (session-based) identity.");
                     return true;
@@ -576,7 +587,8 @@
     }
 
     protected void unbind(Subject subject) {
-        getSubjectBinder().unbind(subject);
+        // TODO Consider refactoring. Compare to bind() - this is not symmetric
+        ThreadContext.unbindSubject();
     }
 
     protected PrincipalCollection getRememberedIdentity(Map subjectContext) {
@@ -594,13 +606,4 @@
         }
         return null;
     }
-
-    public Subject getSubject() {
-        Subject subject = getSubjectBinder().getSubject();
-        if (subject == null) {
-            subject = createSubject(new HashMap());
-            bind(subject);
-        }
-        return subject;
-    }
 }

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSubjectFactory.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSubjectFactory.java?rev=911693&r1=911692&r2=911693&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSubjectFactory.java
(original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSubjectFactory.java
Fri Feb 19 03:43:26 2010
@@ -103,7 +103,7 @@
         if (CollectionUtils.isEmpty(principals)) {
             //try the session:
             if (session != null) {
-                principals = (PrincipalCollection) session.getAttribute(SessionSubjectBinder.PRINCIPALS_SESSION_KEY);
+                principals = (PrincipalCollection) session.getAttribute(SubjectFactory.PRINCIPALS_SESSION_KEY);
             }
         }
 
@@ -155,7 +155,7 @@
         if (!authc) {
             //fall back to a session check:
             if (session != null) {
-                Boolean sessionAuthc = (Boolean) session.getAttribute(SessionSubjectBinder.AUTHENTICATED_SESSION_KEY);
+                Boolean sessionAuthc = (Boolean) session.getAttribute(SubjectFactory.AUTHENTICATED_SESSION_KEY);
                 authc = sessionAuthc != null && sessionAuthc;
             }
         }

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SecurityManager.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SecurityManager.java?rev=911693&r1=911692&r2=911693&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SecurityManager.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SecurityManager.java Fri
Feb 19 03:43:26 2010
@@ -62,7 +62,6 @@
  * @since 0.2
  */
 public interface SecurityManager extends Authenticator, Authorizer, SessionManager {
-
     /**
      * Logs in the specified Subject using the given {@code authenticationToken}, returning
an updated Subject
      * instance reflecting the authenticated state if successful or throwing {@code AuthenticationException}
if it is
@@ -100,14 +99,6 @@
     void logout(Subject subject);
 
     /**
-     * Returns the {@code Subject} instance representing the currently executing user.
-     *
-     * @return the {@code Subject} instance representing the currently executing user.
-     * @since 0.9
-     */
-    Subject getSubject();
-
-    /**
      * Creates a {@code Subject} instance reflecting the specified contextual data.
      * <p/>
      * The context can be anything needed by this {@code SecurityManager} to construct a
{@code Subject} instance.

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SubjectFactory.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SubjectFactory.java?rev=911693&r1=911692&r2=911693&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SubjectFactory.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SubjectFactory.java Fri
Feb 19 03:43:26 2010
@@ -47,6 +47,17 @@
     public static final String AUTHENTICATED = SubjectFactory.class.getName() + ".AUTHENTICATED";
 
     public static final String HOST = SubjectFactory.class.getName() + ".HOST";
+    
+    /**
+     * The session key that is used to store subject principals.
+     */
+    public static final String PRINCIPALS_SESSION_KEY = SubjectFactory.class.getName() +
"_PRINCIPALS_SESSION_KEY";
+
+    /**
+     * The session key that is used to store whether or not the user is authenticated.
+     */
+    public static final String AUTHENTICATED_SESSION_KEY = SubjectFactory.class.getName()
+ "_AUTHENTICATED_SESSION_KEY";
+    
 
     /**
      * @deprecated use the {@link #HOST HOST} key instead.  This will be removed prior to
1.0.



Mime
View raw message